Security of Third Party Windows Applications

In a recent paper, Secunia highlighted the lack of adoption of security features like DEP & ASLR in third party windows applications. While many native windows applications support them, third party applications have not been very good in adopting those features.

Given the trend of attackers' targeting vulnerabilities in third party applications rather than a Microsoft product, it makes a lot of sense to adapt to the requirements of these two key security mechanisms if you are developing for Windows.

If you are evaluating third party Windows applications for your organization, how about adding these as part of your overall security requirements?

No comments:

Post a Comment